Certificate in Advanced Cyber Security

Earn a globally recognized credential in a rapidly growing field.

Today’s digital environments are highly complex. They are also an integral part of our daily lives. It’s no surprise then that the demand for cyber security expertise has never been greater.

Experts see this job market doubling in the next five years

Professionals trained in cyber security possess the unique ability to protect digital assets and guard intellectual property. As one of the world’s fastest growing technology fields, many experts see the cyber security job market doubling in the next five years—which means there will be a critical need for qualified individuals.

Build a portfolio of in-demand skills with our two new Cyber Security Certificates

The Cyber Security program will deepen your understanding of cyber security topics, strengthen your skills as an IT manager/project lead, and prepare you to earn a CISSP designation. It will also give you the opportunity to earn two distinct certificates: a Certificate in Cyber Security Fundamentals and a Certificate in Advanced Cyber Security.

Developed in collaboration with the Lassonde School of Engineering, the program is aligned to the Certified Information Systems Security Professional (CISSP) body of knowledge. Our curriculum design focuses on case studies with real world examples and simulations to help you be prepared to interview for your first cyber-security role.

Stackable credentials

Program delivery

Our flexible, part-time format is ideal for busy professionals. Each certificate can be completed in just five months and includes a blend of online coursework and three on-campus sessions (held over the weekend). Instructor led learning with online modules help you progress through the web portion of the program from the location of your choice. The program is designed for students to start and progress through each certificate as a group, which will help you form connections with your peers and colleagues.

“The credential has a lot of credibility in the market place. Because York is structuring the program along CISSP knowledge, that positions students to be better prepared”

Who should take this program?

Project, team, and department leaders who require cyber security knowledge to lead their team more effectively

Managers and administrators who are seeking to master new information security responsibilities

The Certificate in Cyber Security Fundamentals

Explore the fundamental knowledge required to help you become a more effective IT manager and project leader. Students who plan to earn the CISSP designation can choose to continue on to the Certificate in Advanced Cyber Security right away or take a break and enrol in a later cohort.

The Certificate in Advanced Cyber Security

Build upon the foundational knowledge gained in the first certificate to develop managerial competencies and a more thorough understanding of the eight knowledge areas required for the CISSP designation. This certificate is scheduled to align with CISSP examination dates to allow graduates the opportunity to write the exam while the course material is still fresh in their minds.

“Given the increasing cyber security challenge Canadian organizations of all types face, with skilled and motivated adversaries attacking our collective defenses, I am excited about the depth of expertise that the York University School of Continuing Studies will be imparting to their students with the delivery of the cyber security certificate program.”

Certificate in Cyber Security Fundamentals

Introduction to Cyber Security

Examine the information security knowledge framework through the lens of the CISSP domains as you develop an enhanced understanding of the eight CISSP domains and gain the fundamental information required for information security projects and the designation.

Information Security Risk Management and Governance

Develop an understanding of the ethical, legal and regulatory issues surrounding cyber security as you learn about security principles, network fundamentals and how to apply these areas to design networks and policies for security and compliance.

Data, Asset and Identity Protection

The amount of digitized data grows in size and vulnerability every day, requiring specialized attention toward processes, protection, security and authentication. Learn how to mitigate risk and protect ownership by understanding best practices for data gathering, classification, storage, retention and protection.

Certificate in Advanced Cyber Security

Engineering for Information Security

Security engineering requires an understanding of security models, secure design principles and the ability to assess a variety of systems for vulnerabilities. Students will learn these fundamental concepts as well as information on selecting controls and countermeasures, and the application of cryptography.

Cyber Security Operations Management

Effective leadership in the field of information security requires an elevated understanding of security operations concepts and how to apply these in real-world situations. Discover how to apply concepts, from best practices in vendor procurement, through to investigations and preventative measures, resource management, disaster recovery, and business continuity.

Security Assessment and Testing

The development, evaluation and validation of assessment processes is integral to securing system infrastructure and detecting vulnerabilities. Develop an in-depth understanding of the techniques and industry standards for assessment validation, continuity, analysis, reporting and facilitating audits.

The Certificate in Cyber Security is a direct registration program. No application process is required, simply enrol in the session of your choice to get started.

To be successful in this program we recommend that you have a prior technical diploma, or undergraduate degree or 1-2 years’ experience in an IT role to have gained an understanding of general information technology (IT) concepts around:

The Cyber Security Program is designed to heighten your understanding of the Certified Information Systems Security Professional (CISSP) body of knowledge and prepare you to take and pass the (ISC)2 CISSP exam. The CISSP is a globally recognized designation required for most senior cyber security roles.

Graduates of (ISC)2 accredited cyber security programs can write the CISSP exam one full year sooner than people who have not.

Those interested in progressing to the CISSP exam will need to meet experience requirements as required by (ISC)2. For more information on designation requirements please visit their website. https://www.isc2.org/cissp-how-to-certify.aspx

Ali Khan, CISM, CISSP, CISA

Ali Khan is a senior information technology, cyber security, and risk management professional. With experience in information and cyber security, privacy, risk and related technology, he has worked across many different industries including high-tech, financial services, energy and utility, health care, retail, educational institutions, and crown corporations. Ali’s areas of expertise include strategic IT security consultancy on cyber security, cyber security analytics, and information protection solutions.

Ali focuses on consultancy of Privacy/Security Operations Centers (P/SOCs) and related Security Information and Event Management (SIEM) solutions. He works with large enterprise clients to develop and operationalize their cyber security initiatives.

Ali has NATO Secret Clearance and Level II (Secret) clearance from the Government of Canada and holds an Honours BA in information technology management from York University, an advanced diploma in computer engineering technology from Humber College, is a Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and has completed numerous professional training sessions on industry leading IT solution sets. Ali is also a member of a number of local and global cyber security groups.

Course: CS1000: Introduction To Cyber Security

Gaurav Kumar, MSc, CISSP, CISM, CRISC, CCSK, SCF

Gaurav Kumar is a security and risk management leader with one of the world’s largest management consulting companies. In his current role, Gaurav is responsible for helping client executives develop suitable security and risk management strategies that meet business needs, seeking to balance defensive and responsive strategic elements.

For over 15 years, Gaurav has been helping businesses understand and proactively manage information technology risks by effectively acting as both a technical subject matter expert and a trusted business information security adviser. Gaurav has worked in all verticals of information security and risk management including access management, threat analysis, security monitoring and response, risk management, security assurance and governance, security consulting, and enterprise security program management.

Gaurav holds a MSc in information security and assurance (majoring in vulnerability management) from Norwich University in Vermont, USA. Gaurav also holds the CISSP, CISM, CRISC, CCSK, and SABSA security architect designations.

Course CS1020: Information Security Risk Management And Governance

Ed Dubrovsky, MBA, MSc, CISSP, PMP

Ed Dubrovsky is an information security executive and practitioner with over 24 years in the technology field. Ed possesses extensive experience in technology leadership, information security architecture, implementation and management. Ed has written numerous thought leadership articles, and spoken at many professional events about risk management and information security topics.

Ed has Secret clearance from the Government of Canada, holds an Honours BSc in information systems from Athabasca University, an MSc in information systems from Athabasca University, an MBA from York University’s Schulich School of Business, is a Certified Information Systems Security Professional (CISSP) in good standing from 2003, holds a Project Management Professional (PMP) designation, and holds numerous technical and professional certifications with leading technology and cyber security vendors.

Jeff Clark, CISSP

Jeff is the Director of Customer Protection (Authentication) and Cryptographic Services within the information security department of a major financial institution with over 20 years’ experience in 24/7 operations environments. Prior to venturing into information security, his focus was as a director of architecture in the contact centre and application development space, leading technical teams of up to 100 members. He primarily served financial services, telecommunications, and professional services organizations.

His experience in architecture, data centre, program management, application development and strategy has led him to experience every one of the 8 domains prescribed within the CISSP Common Body of Knowledge.

Jeff wrote his Certified Information Systems Security Professional (CISSP) certification exam in 2013. He first trained as an aircraft engineer and continues to carry learnings from that industry into technical operations.

Course: CS1040: Cyber Security Operations Management

Jamie Baxter, M. Eng, OSCP, OSCE, GPEN, CISSP

Jamie is a senior technical lead with extensive experience in conducting security assessments and penetration test engagements acquired from over 7 years of information security experience and 13 years overall as a professional in information technology.

Currently a senior leader of the information security team at a large financial organization, previously he was a senior penetration tester within the public sector. In total, he has led or supported hundreds of penetration tests and security assessment engagements against a wide variety of applications and systems. In addition to a Masters of Engineering, Jamie holds the GIAC GPEN, Offensive Security Certified Professional and Offensive Security Certified Expert certifications, and CISSP.

Qualifications

Careers

Senior executives from many of Canada’s leading organizations help us ensure that our graduates have the skills and knowledge that employers value most, including the following:

John Weigelt, CD, BEng, MEng, RMC, CISM, CISSP

National Technology Officer, Microsoft Canada

As the National Technology Officer for Microsoft Canada, John Weigelt is responsible for driving Microsoft Canada’s strategic technology efforts. In this role, Mr. Weigelt helps business and governments innovate with technology while avoiding the unintended consequences that might arise. He leads Canadian outreach for technology policy issues across a wide range of subjects including: economic development, digital economy, open government, environmental sustainability, accessibility, privacy, security, critical infrastructure protection, government 3.0, spectrum and intellectual property. Mr. Weigelt’s 25 plus years of experience in cyber security, and his pioneering work in protocols, practices, policies, programs and partnerships to increase cyber assurance, provides him with a unique perspective on the challenges and opportunities associated with overcoming the inertia often associated with initiatives to increase trust and confidence in the digital world.

Ed Dubrovsky, MBA, MSc, CISSP, PMP

Head Security Practice, OnX Enterprise Solutions

Ed Dubrovsky is currently the head of the national security practice at OnX Enterprise Solutions, dealing with issues that directly affect security and IT departments’ ability to collaborate effectively. Mr. Dubrovsky is an information security expert with over 24 years’ experience in the technology field. His primary interests include infrastructure and application security, and vulnerability assessment. Mr. Dubrovsky has expertise in vital topics such as: protecting perimeter devices, cyber compliance, employee training, and selecting the right technology tools to help keep your organization safe.

Darren Jones, BMath, CPA, CMA

Senior Manager, Cyber Security Services,

KPMG Canada

Darren Jones is an internationally recognized leader in the fields of IT audit and security, with extensive experience in the field since 1986. He has excelled in delivering innovative solutions for organizations in a variety of industries. As a part of KPMG Canada’s national cyber security consulting practice, Mr. Jones provides clients with impactful solutions to help them improve their security policies, processes, and technologies. Mr. Jones’s business development and project delivery successes include solution areas as diverse as information security, corporate governance, IT strategy, enterprise systems management, network architecture and management, and outsourcing. Since 1993 he has been a sought-after speaker on IT audit, security, crisis management and IT reliability issues. He is frequently interviewed and is a published author on IT security matters.

Gary Perkins, BA, MBA, CISSP

Chief Information Security Officer, Province of British Columbia

Gary Perkins is the Chief Information Security Officer (CISO) for the Government of British Columbia. As the Executive Director of the Information Security Branch, he is responsible for providing cyber security services in support of the province. He has over 19 years of experience in information technology, risk management, and cyber security. Prior to joining the BC Government, he worked in the private sector as chief of staff for security at Telus and, earlier in his career, led teams responsible for incident response, operations, delivery, and architecture for both corporate and managed security services customers. A certified information systems security professional (CISSP) since 2004, Perkins also holds an MBA from Simon Fraser University’s Management of Technology program.

Manish Khera, BASc, CISSP, C|CISO

Manish Khera is currently the lead of application security, data protection, and security consulting in the office of the CISO for the Royal Bank of Canada. Mr. Khera is a seasoned technical security leader with nearly 20 years of experience in the fields of IT security and privacy consulting, data protection, forensic investigations, fraud detection, and IT auditing. He was formerly the Canadian Chief Information Risk Officer, Head of Global Merchant Cyber Security Investigations and PCI Compliance for JP Morgan Chase. His responsibilities included management of the IT risk posture in Canada for the firm, global head of merchant breach investigations, merchant PCI compliance, and merchant service provider registration. Prior to joining JPMC, Mr. Khera was the head of the IT security function for TJX Companies responsible for IT risk assessments, policy administration, security project management, identity management, and security administration, operations, and engineering.

Hamzeh Roumani, PhD

Dr. Hamzeh Roumani is an award winning professor and a recipient of the 3M Fellowship, the highest and most prestigious recognition of teaching excellence in Canada. His teaching philosophy is founded on the clear separation of abstraction levels, and his pedagogy is based on learning by doing. He embraces the experiential approach in his books and courses and has recently implemented it to help design a new computing curriculum for the newly founded Lassonde School of Engineering at York University. The new courses are themed around sensors and actuators, web technologies, mobile computing, and cyber-physical systems. Dr. Roumani’s main areas of interest are computer security and quantum computing and cryptography.

FAQs

Quality of instruction – our instructors are not only experts in the field, but are also certified by (ISC)2. Their breadth of experience is as tremendous as their teaching and academic qualifications.

Innovation – We’re the first School of Continuing Studies in Ontario to offer a non-credit two-certificate program to prepare for the CISSP designation.

Cyber security refers to the protection of digital environments and assets from internal and external threats and the guarding of intellectual property. The field of cyber security includes industry risk management, engineering, communications, identity protection, assessing and testing, operations and software development.

The Certificate in Cyber Security Fundamentals takes just 5 months to complete. If you choose to continue on to the Certificate in Advanced Cyber Security right away, you can be prepared to write the CISSP exam in as little as 10 months.

According to the Digital Adoption Compass, a consortium of the industry’s major players, over 27,000 new jobs in this field are expected to be created in Ontario by 2019. Combined with replacement demand, Ontario would need to fill 76,300 ICT positions over the next five years.

Furthermore, they project that the availability of home-grown talent will not be sufficient to meet these hiring requirements. So if you’re qualified, you’ll most likely get a job.

Given the experiential and practical nature of the courses and the application of Ontario’s Freedom of Information and Protection of Privacy Act (FIPPA) to York University, The School of Continuing Studies works to ensure that instructors and participants acknowledge and respect the privacy and confidentiality of personal information that may be presented in the context of instruction. Instructors will limit the amount of personal information that is collected, used or disclosed in their sessions, and will ensure that all identifying personal information (including proper name, address, etc.) is omitted from all written documents in order to protect personal privacy and confidentiality. Instructors should not bring or share personal or other confidential files or records with the class or allow students to do so.

We are committed to protecting your privacy and your financial security, and we do this in several ways:

Your credit card information is never received or stored by our system. Only your financial institution has access to your credit card information.

Your Student Portal is password-protected. To access any personal and academic information, you must enter your username and portal password.

Instalment Plan Policy

The School of Continuing Studies allows students in certificate programs the option of paying in two or more instalments. You must pay the initial payment as stated below and then you can create a payment schedule that works for you, as long as the balance is paid before the stated due date.

The instalment plan comes with a one-time, non-refundable administrative fee of $125 due at the time of registration. The following are the details of the instalment plan policy according to the program you have registered for:

Certificate in Cyber Security Fundamentals – The first payment of $1,599.00 (CAD) is due upon registration with the balance due by program start date.

Certificate in Advanced Cyber Security – The first payment of $1,999.00 (CAD) is due upon registration with the balance due by program start date.

Customized payment plans are available to align to employer policies, but are not available for individuals. For further information please contact the Registration and Student Records Coordinator at 416-736-5616.

A student that fails to make instalment payments as required will not be permitted to continue in the program.

All correspondence, including your registration confirmation, grade report and refund cheque, will be sent to the email address provided at the time of registration.
To maintain accurate student records, notification of any changes to your name, address and contact information are required. To update your personal information:

Students registered in a part-time program that is less than 1 year in length may withdraw from the program. However, they are strongly advised to consult with the Program Manager before a final decision is made. A full refund is granted only when the School of Continuing Studies cancels a program. Refunds will be issued using the initial method of payment or by cheque, if original payment was made by money order. Withdrawal requests must be submitted on the official School of Continuing Studies Withdrawal Request Form to the School of Continuing Studies and subject to the terms listed below.

If you withdraw 7 calendar days prior to the start of the program, you will receive a 75% refund of program tuition instalment and no academic penalty.

If you withdraw between 6 calendar days prior to the start of the program to 7 calendar days after the start of the program, you will receive a 50% refund of program tuition instalment and a $50 administrative fee and no academic penalty.

When necessary, the School of Continuing Studies may alter, postpone or cancel classes. In these instances, students will be notified by email, based on the information provided at the time of registration.
Cancellations or changes will also be posted on the School of Continuing Studies Twitter account.

Students and instructors are expected to maintain a professional relationship characterized by courtesy, collegiality and mutual respect, and to refrain from actions that would be disruptive to such a relationship;

It is the responsibility of the instructor to maintain an appropriate academic atmosphere in the classroom, and the responsibility of the student to cooperate in that endeavour; and,

The instructor is the best person to decide, in first instance, whether such an atmosphere is present in the class, and may, at their discretion, take steps that they feel are appropriate to resolve an issue or dispute.

In any case where a student feels that this policy has been violated, they are urged to notify the instructor of the course/program as soon as possible. Students may be asked to provide a detailed written description of their complaint to the instructor. The instructor may take measures they feel are appropriate to resolve the issue and/or may forward the complaint to the Program Manager for review. Please refer to the full policy document on the York University website at: http://www.yorku.ca/scdr/

Students registered in certificate programs will be evaluated using the following categories of achievement:

Grade

%

Description

A+

90 – 100%

Thorough knowledge of concepts and/or techniques, and exceptional skill or great originality in the use of those concepts/techniques in satisfying the requirements of an assignment or course.

A

80 – 89%

B+

75 – 79%

Thorough knowledge of concepts and/or techniques with a fairly high degree of skill in the use of those concepts/techniques in satisfying the requirements of an assignment or course.

B

70 – 74%

C+

65 – 69%

Good level of knowledge of concepts and/or techniques together with considerable skill in using them to satisfy the requirements of an assignment or course.

C

60 – 64%

D+

55 – 59%

D

50 – 54%

F

Below 50%

Insufficient knowledge of concepts and/or techniques needed to satisfy the requirements of an assignment or course.

PASS

Pass is awarded as a grade only to courses that have an experiential component. A student that has received a Pass has met the requirements of the course.

FAIL

Fail is awarded as a grade only to courses that have an experiential component. A student that has received a Fail has not met the requirements of the course.

EXEMPT

Exempt is awarded to those that have completed a comparable course elsewhere and have met all of the requirements for completion of that course.

DNA

Did Not Attend – The student did not attend, did not withdraw, and did not submit course work.

DNC

Did Not Complete – The student did not complete the course.

Grading for Academic Bridging and Math for Admission Waiver courses:

Students are required to complete all course work.

Students who fail to complete the course work will receive a DNC (Did Not Complete).

Grade

%

Description

A+

90 – 100%

Academic Bridging Studies – Meets Admission Requirements. Elementary Mathematics – Students already admitted to YORK UNIVERSITY who earn a grade of “B” or better will gain automatic entrance to AK/MATH1710.06 and will be exempt from the pre-requisite test.

A

80 – 89%

B+

75 – 79%

B+

70 – 74%

C+

65 – 69%

Academic Bridging Studies – Does not meet Admission requirements. Student cannot repeat the same Academic Bridging course but can enroll in the other Academic Bridging course.

C

60 – 64%

D+

55 – 59%

D

50 – 54%

F

Below 50%

Academic Bridging Studies – Does not meet Admission requirements. Student cannot repeat the same Academic Bridging course but can enroll in the other Academic Bridging course.

DNA

Did Not Attend – The student did not attend, did not withdraw, and did not submit course work.

Students may, with sufficient grounds, request a reappraisal of any “tangible” work required for a course/program. Tangible work may include written, graphic, digitized, modelled, video recording or audio recording formats. Students seeking a grade reappraisal must complete and submit the attached form, along with the original work and instructions for the assignment, to the Program Manager within 2 weeks of the date of issue of the letter of grade.
Students and instructors will be informed in writing of the reappraisal result and the reappraiser’s comments. The School of Continuing Studies will ensure the anonymity of both the student and the reappraiser.

You may submit a financial petition if you experience a serious documented medical illness or a death of an immediate family member that causes you to drop courses. Financial petitions may be granted at the discretion of the University, and will be considered for a period of one year after the occurrence of the illness or death.

Watch the video

York University’s School for Continuing Studies is located in Toronto, Ontario and serves the GTA including Vaughan, Markham, Brampton, Mississauga, Richmond Hill, Milton, Oakville, Burlington, Oshawa, Whitby and Ajax. We offer a degree pathway for working students, degree preparation courses including English academic preparation, professional certificates and post-graduate certificates to international students as well as non-traditional students from across Canada.